Directory Traversal 02
This exercise is one of our challenges on Directory Traversal
In this lab, we explore a directory traversal vulnerability in a PHP application. The exercise involves reviewing the source code of index.php and file.php. The code attempts to restrict file access by checking whether the requested file path contains /var/www. This check is insufficient: an attacker can keep /var/www in the path and append traversal sequences such as ../../ after it, so the path still passes the check but resolves to a file outside the web root, for example /etc/passwd.
The video transcript walks through the PHP code line by line. It highlights how the application uses strstr to test whether the file path contains /var/www. Because strstr only performs a substring match, and the check never canonicalizes the path (for example with realpath) before comparing it against the allowed directory, the application is vulnerable to directory traversal. The lab emphasizes the importance of proper path validation and demonstrates how an attacker can exploit this weakness to read files they should not be able to access.